#!/bin/bash

OPENSSL=/usr/bin/openssl

if [ -z "$1" ]; then
	DESTDIR=/etc/findik/ssl
else
	DESTDIR=$1
fi

if [ -z "$2" ]; then
	DHSIZE=2048
else
	DHSIZE=$2
fi

mkdir -p $DESTDIR || exit 1

$OPENSSL genrsa > $DESTDIR/private.pem || exit 1

$OPENSSL req -new -x509 -key $DESTDIR/private.pem -out $DESTDIR/public.pem || exit 1

$OPENSSL x509 -hash -fingerprint -noout -in $DESTDIR/public.pem || exit 1

ln -s $DESTDIR/public.pem $DESTDIR/hash.0 || exit 1

$OPENSSL dhparam -out $DESTDIR/dh.pem $DHSIZE || exit 1

